I guess this is a reason to upgrade from my N16. I thought John's fork might update ipset, but it's still on 4.2.
No problem..... Went to the store today and came home with an AC66U B1
Yeah, unfortunately MIPS routers are based on an ancient kernel so Skynet doesn’t support them.
Is there a way to set this up where it auto updates the list every hour?
Thanks so much for the quick reply.
That worked just fine.
I just tried to connect to the TOR network and it is being blocked successfully now.
Will this be persistent? Or will I have to add this list in the future?
THANKS AGAIN !!!!!
Is there a way to set this up where it auto updates the list every hour?
sh /jffs/scripts/firewall import blacklist xxxxxxxx.com
I have added the TOR proxy block list but it updates several times an hour and is out of date within a day or two for sure.
Thanks Again.. Mike in Michigan
cru d Skynet_banmalware
cru a Skynet_banmalware "10 */1 * * * sh /jffs/scripts/firewall banmalware"
PRs are welcome. I don't have any asuswrt-based devices.
Again, my guess is this is due to entware (and will also be fixed by running the installer again). Their installer is terrible in the fact it overwrites several jffs scripts completely. @ryzhov_al @zyxmon would be great if you guys could improve this, there's really no need to overwrite files.
Thanks DonnyJohnny for posting the above fix for me. Have a Great Weekend....Mike in Michigan
Use the following command
Code:
cru d Skynet_banmalware
cru a Skynet_banmalware "10 */1 * * * sh /jffs/scripts/firewall banmalware"
This will update the custom list every hour at the 10th minute. I put 10 min because I don’t want to stress the CPU, as Skynet has a cron job every hour at 00 min.
If you want the command to be in effect, you can add it in /jffs/scripts/firewall-start
Put it at the end of the script.
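An added example (not part of the original posts) of the last step above: it appends the two cru lines to the end of a startup script only when they are not already there, leaving existing content untouched. The function name is hypothetical and the script path is passed as an argument.

```shell
#!/bin/sh
# Added example: persist the hourly banmalware cron job by appending it to
# a startup script (e.g. /jffs/scripts/firewall-start) without overwriting it.

CRON_ID="Skynet_banmalware"
CRON_LINE='10 */1 * * * sh /jffs/scripts/firewall banmalware'

# persist_cron_job FILE  (hypothetical helper name)
# Appends the "cru d" / "cru a" pair to FILE once; re-running changes nothing.
persist_cron_job() {
    file="$1"
    marker="cru a $CRON_ID "

    # Create the script with a shebang if it does not exist yet.
    if [ ! -f "$file" ]; then
        printf '#!/bin/sh\n' > "$file" || return 1
    fi

    # Already present: leave the file untouched.
    if grep -qF "$marker" "$file"; then
        return 0
    fi

    # If the last line lacks a trailing newline, add one before appending.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi

    {
        printf 'cru d %s\n' "$CRON_ID"
        printf 'cru a %s "%s"\n' "$CRON_ID" "$CRON_LINE"
    } >> "$file" || return 1

    chmod +x "$file"
}

# Run only when a path is given, e.g.: sh persist.sh /jffs/scripts/firewall-start
if [ $# -gt 0 ]; then
    persist_cron_job "$1"
fi
```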
Quick question - is there any way to show stats for the past 24 hours while still retaining all the debug info? I don't want to clear all my historical data daily; however, I'd like to update my daily report to only show stats for the past 24 hours. Is this possible?
tl;dr: I did read post #2, but I was curious about multiple different sites using Shopify being blocked and nothing else. Not sure if unblocking those specific IPs will keep all Shopify sites from being blocked or if they all happen to be on the block list for any reason?
I have no idea what I did to my Skynet install, but I was finding I couldn't get to certain sites at all and found lots of outgoing blocked lines in the ASUSWRT system log. I disabled Skynet, was able to get through, but accidentally uninstalled it, so I reinstalled it with the exact same settings except filtering incoming only, and now I can get through. Should I manually whitelist those sites and re-enable outgoing blocking? The only thing they all had in common was they were all Shopify web stores.
Should I be looking to unblock the Shopify range or something? Perhaps I should go through the list of blocked IPs manually?
Wish there was a firewall error page so it was more obvious when it's the firewall stopping you, but I know that's not a Skynet problem.
Thanks in advance!
Edit: never mind, can't get back on those Shopify sites, all blocked on inbound now.
Checking my syslog I am seeing failed connection attempts to the Asus openvpn server with a WARNING: Bad encapsulated packet length from peer (5635) error. Can I presume that if they are showing up in syslog this way then they were not caught with Skynet?
If so, I am thinking about trying to script a daily job to look for these entries in the log, strip the IPs and add them to the manual ban list. The question here is: is there a practical limit to the manual ban list size?
No, it's just a number that can be modified at any time; currently it is 500000.
Checking the logs again, it appears that the attacks are continuing even though the IPs are in the ban list. So the openvpn server is not monitored by Skynet. I'm guessing I could add these directly to iptables - thoughts?
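An added example (not from the original posts) of the log-scraping job proposed above: it pulls the source IPs behind the "Bad encapsulated packet length" warnings out of a syslog file and counts hits per address. The function names, the syslog line layout and the sample lines (documentation addresses) are assumptions constructed for illustration; it only produces the list and does not call Skynet.

```shell
#!/bin/sh
# Added example: list source IPs behind OpenVPN "Bad encapsulated packet
# length" warnings in a syslog file, with a hit count per address.

PATTERN='WARNING: Bad encapsulated packet length from peer'

# bad_length_peers LOGFILE [MIN_HITS]  (hypothetical helper name)
# Prints "count ip" for every IPv4 peer seen at least MIN_HITS times.
bad_length_peers() {
    log="$1"
    min="${2:-1}"
    grep -F "$PATTERN" "$log" |
        # Keep only the ip of the "ip:port" token right before WARNING.
        sed -n 's/.* \([0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}\):[0-9]\{1,5\} WARNING: .*/\1/p' |
        # Drop anything with an octet above 255 (not a real address).
        awk -F. '$1<=255 && $2<=255 && $3<=255 && $4<=255' |
        sort | uniq -c |
        awk -v min="$min" '$1 >= min { print $1, $2 }' |
        sort -k1,1nr -k2,2
}

# Constructed sample log: assumed line layout, documentation addresses only.
sample_log() {
    cat <<'EOF'
May  4 02:11:09 ovpn-server1[1201]: 203.0.113.7:40112 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627
May  4 02:11:40 ovpn-server1[1201]: 203.0.113.7:40377 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627
May  4 03:02:51 ovpn-server1[1201]: 198.51.100.23:51515 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1627
May  4 03:05:00 ovpn-server1[1201]: 192.0.2.10:1194 peer info: IV_VER=2.4.9
May  4 03:09:12 dnsmasq[311]: query from 192.0.2.99
EOF
}

# Run only when a log path is given, e.g.: sh peers.sh /tmp/syslog.log 3
if [ $# -gt 0 ]; then
    bad_length_peers "$@"
fi
```

The optional second argument sets a minimum hit count, so a single stray warning from a misconfigured client does not end up on a ban list.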